Job Description
- Working directly with the Level 3 / CERT to look for artifacts and IOCs on SIEM solutions and other applications;
- Hunting for hygiene issues, threats and advanced threats provided by the Threat Intelligence Team;
- Configuring endpoint tools (EDR) to implement IOCs in order to launch hunting queries;
- Running Network Discovery Mapping to find anomalies on networks;
- Assisting experts during configuration for deceptive security solutions and technologies;
- Working with use case factory to develop new signatures;
- Working with experts in implementing new signatures;
Primary Skills
- Excellent knowledge of one of the SEIM products – Qradar, ELK, Splunk
- Working knowledge in EDR solution like carbon black, end game etc.
Secondary Skills
- Team player
- Fluent in English